SSUSA Job #988: DATA PRIVACY COMPLIANCE LEADER
DATA PRIVACY COMPLIANCE LEADER
The Data Privacy Compliance Leader is an application / technical leadership position that ensures privacy forms, policies, standards, and procedures are up-to-date. Takes a lead role, to ensure the organization has and maintains appropriate privacy and confidentiality consents, authorization forms, and information notices and materials reflecting current organization and legal practices. You will monitor compliance and data practices internally to ensure the business and its functions comply with the applicable requirements under CCPA, GDPR, and local state laws. The Data Privacy Compliance Leader will be responsible for Data Subject Access Requests, staff training, data privacy impact assessments, and internal audits. This person will also serve as the primary contact for supervisory authorities and individuals whose data is processed by the organization.
- Provide subject matter expertise and legal analysis for data privacy and related matters and manages the delivery of the global and regional Data Protection and Privacy annual plan and program, its objectives and KPIs.
- Implementing measures and a privacy governance framework to manage data use in compliance with CCPA, GDPR, including developing templates for data collection, assisting with data mapping, and vendor management reviews.
- Working with key internal stakeholders in the review of projects and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments.
- Contribute to the enterprise data privacy strategy, playing a primary role in critical elements such as developing and executing strategies for implementation of new processes to address regulatory changes such as the California Consumer Privacy Act (CCPA).
- Lead individual enterprise-wide data privacy projects coordinating with stakeholders across the company including the businesses, law department, information technology, human resources, and other functions.
- Serve as an in-depth company resource on Privacy laws such as the California Consumer Privacy Act (CCPA), General Data Protection Regulation (EU GDPR) and the US state breach notification laws.
- Serve as lead contact for data subjects exercising their data access rights; conduct related data collection, review, and dissemination of personal data.
- Ability to communicate in an organized and knowledgeable manner in written and verbal means – including delivering clear requests for information, developing responses to client requests, and communicating conflicts and risks.
- Ability to translate the legal data protection obligations in the context of the services the company provides.
- Develop and deliver training and promote awareness of, and compliance with, requirements on privacy topics.
- Function as a liaison between stakeholders and technical teams to obtain knowledge of personal data in applications and smart products.
- Assessing current software and systems for compliance with data protection principles and recommending changes and new technologies to help mitigate privacy vulnerabilities and prevent potential future privacy risks.
- Maturing enterprise-wide information lifecycle management strategy and governance process to identify, classify and protect personal data over its lifecycle.
- Providing forensics and management from the IT perspective of any suspected personal data incidents, working with the IT Compliance and Security Operations.
- Advising on data anonymization, pseudonymization and encryption techniques to develop systems that preserve and improve privacy protections.
- Overseeing asset inventories to meet regulatory requirements.
- Working with business functions to conduct regular privacy assessments of operational processes, identifying, and mitigating risks across the company.
- 3-4 years experience in privacy/data protection or a graduate degree or concentration in privacy engineering.
- Hold at least one Data Protection and/or Privacy certification such as CIPP, CIPT, ISEB, etc., (preferred).
- Extensive knowledge of data protection and data privacy laws and regulations with the ability to translate into operational implications for the company and experience in implementing processes and procedures to ensure compliance in accordance with applicable laws.
- Sufficient knowledge of information technology and data management systems is required.
- Executive presence, and ability to act as the primary contact on assigned projects.
- Strong analytical and advanced research skills related to industry trends and technology.
- Ability to interact effectively with people at all organizational levels of the Company and with Vendors.
- Strong change and project management skills, including the ability to manage time well, priorities effectively, and handle multiple deadlines.
- Capacity to build and maintain strong relationships with internal and external personnel.
- Extensive knowledge of data protection and data privacy laws and regulations with the ability to translate into operational implications and experience in implementing processes and procedures to ensure compliance in accordance with applicable laws.
- Excellent verbal and written communication and presentation skills.
YOU MUST LIVE IN THE NYC METRO AREA AND BE A US CITIZEN OR BE A GREENCARD HOLDER
SEND YOUR RESUME TO CLIFF@SSUSA.COM AND MENTION JOB 988 IN THE SUBJECT BOX
New York City AND Remote